MENU

Posts Tagged ‘linux memory forensics’

Most Recent
 
Read More
2018-01-04

A List of Incident Response sources

A member of GitHub ‘meirwah’ has shared the good list of incident response sources (such us: tools, books, videos, communities, etc.).

 

273
 
Read More
2017-11-25

Linux File System Overview

N1GH7M4R3 has shared short and clearly overview of Linux File System.

He has described all system folders of the file system.

297
 
Read More
2016-06-15

Converting a memory image from raw to padded

There are several methods of acquiring a memory image from a Linux system – one of the most traditional being to image the current physical memory into a single file – In this case any non-system areas would need to be padded with zeros in order to maintain the representation of physical memory. Another method involves examining the /proc/iomem file (Linux will print the current map of the systems memory in this file) to identify which memory ranges are marked as System RAM, and copying / concatenating those ranges into one file. This results in a smaller file, but lacks the representation of physical memory.

The problem we have and the reason this article and Python code has [...]

234
 
Read More
2016-05-17

Linux memory forensic acquisition

With release of such tools as Volatility, acquiring RAM images becomes really useful.

1642
Latest Headlines
 
Read More
905
 
Read More
464
 
Read More
898

Trending Topics
digital forensics
computer forensics
Articles
mobile forensics
DFIR
Android forensics
digital forensics software
windows forensics
forensic data recovery
Top Stories
 
 
Right Now
 
bstrings 1.0 released
Top Five
Heat Index
 
1
Decrypting encrypted WhatsApp databases without the key
 
2
How to Make the Forensic Image of the Hard Drive
 
3
Extracting data from SmartSwitch backups
 
4
Forensic tools for your Mac
 
5
Android forensic analysis with Autopsy

Get Help Now

Thank you for contacting us.
Your Digital Investigator will call you shortly.